Puppet Class: secure_windows::stig::v73391
- Defined in:
- manifests/stig/v73391.pp
Overview
This class manages: V-73391 The Active Directory Domain object must be configured with proper audit settings.
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 |
# File 'manifests/stig/v73391.pp', line 4
class secure_windows::stig::v73391 (
Boolean $enforced = false,
) {
if $enforced {
if $facts['windows_server_type'] == 'windowsdc' {
$root_domain = $facts['root_domain']
ad_acl { $root_domain:
audit_rules => [
{
'ad_rights' => 'WriteProperty, WriteDacl, WriteOwner',
'identity' => 'S-1-1-0',
'audit_flags' => 'Success',
'inheritance_type' => 'None',
},
{
'ad_rights' => 'ExtendedRight',
'identity' => 'S-1-5-21-429241146-72105815-2897606901-513',
'audit_flags' => 'Success',
'inheritance_type' => 'None',
},
{
'ad_rights' => 'ExtendedRight',
'identity' => 'S-1-5-32-544',
'audit_flags' => 'Success',
'inheritance_type' => 'None',
},
{
'ad_rights' => 'GenericAll',
'identity' => 'S-1-1-0',
'audit_flags' => 'Failure',
'inheritance_type' => 'None',
},
],
}
}
}
}
|